Episode 24: Security Researchers "vs." Open Source Software with solst/ICE!
@tib3rius.bsky.social & @swiftsecur.bsky.social are joined by Solst to talk about pain points between security researchers and open source software developers.
Links below!
Episode 23: War Stories with Brendan Dolan-Gavitt (XBOW)!
@tib3rius.bsky.social & @swiftsecur.bsky.social are joined by @moyix.net who shares some AI and human war stories with us!
Links below!
Episode 22: Social Engineering, Gas Mark 4, and AGAs with Rachel Tobac!
@tib3rius.bsky.social & @swiftsecur.bsky.social are joined by @racheltobac.bsky.social to talk social engineering war stories...and more!
Links below!
Episode 21: The One Where They Talk About AI Again
@tib3rius.bsky.social & @swiftsecur.bsky.social talk about AI (again). How it affects our lives, vibe coding, and its increasing usefulness in Cybersecurity.
Links below!
Episode 20: War Stories with Julien Richard!
@tib3rius.bsky.social & @swiftsecur.bsky.social chat with Julien Richard about his war stories!
Thank you to @portswigger.net for sponsoring today's episode! Check out portswigger.net/burp/ai to learn more about AI in Burp Suite.
Links below!
SAUSAGE.....those who know.....know. All will be revealed..
oh fuck off...while my heads been down making CTF's...I pop my head up for 5 seconds and NPM is on fire again...
I need sleep. Been building a CTF based around firmware reversing, crypto mishaps and a sprinkling of MQTT..because why not... for the last few days...its gunna be a wild ride in the morning when my teams gets let loose on it...good luck yawll..ill be sleeping in the corner.
Episode 19: DEF CON!
@tib3rius.bsky.social & @swiftsecur.bsky.social chat about DEF CON, the world's biggest hacker convention, which Andy attended for the first time this year!
Links below!
Someone asked me what I was eating for lunch, I said 'er poached eggs'....I couldn't tell them it was actually a dipping egg with soldiers.
eeeek
Now I'm awake and stuff.. I don't want to be dismissive of the NPM thing..sensationalist headlines help no one, some are def overhyped for clicks...but this had potential to hit different...and thats the kinda interesting bit...
This is a cool link:
www.securityalliance.org/news/2025-09...
Episode 18: UK Online Safety Act
@tib3rius.bsky.social & @swiftsecur.bsky.social chat with Daniel Card about the controversial UK Online Safety Act.
Links below!
Episode 17: Common Vulnerability Scoring Sucks?
@tib3rius.bsky.social & @swiftsecur.bsky.social chat about the problems with CVSS.
Links below!
Episode 15: Why Can't Pentesters Scope?
@tib3rius.bsky.social & @swiftsecur.bsky.social discuss why they (pentesters) can't scope very well.
Links below!
So....I built a new scheduling/resourcing system for pentesters, its been a fun project...but now, the irony....it is being pentested....hold onto your hats people...this is going to be a bumpy ride ๐คฃ
#pentesting
This has been my fav so far.... @davidkuszmar.com was awesome, we got to have him back. LIGHT THE RIVER ON FIRE!
Episode 14: Ignore Previous Instructions & Interview David Kuszmar
@tib3rius.bsky.social & @swiftsecur.bsky.social interview AI security researcher @davidkuszmar.com about his incredible LLM jailbreaks and exploits!
Links below!
I dont really ask people to be references, imo security and privacy are important in our work, yet.. most large bid contracts ask for them, whats funny is the ones asking often decline to be references themselves citing security policy as the reason...vicious cycle.
On me way to London guv :) at the Imperial War Museum today for a bit of a workshop with some clients, fun day ahead!
www.darkreading.com/vulnerabilit...
ahhh here we go again :) This is giving me serious PTSD, last time out the IR bat signal was on constantly for a good few weeks ๐
No evidence of wild exploitation yet apparently...but still.
"If you need legal consultation regarding your target, simply click the 'Call lawyer' button located within the target interface, and our legal team will contact you privately to provide qualified legal support,"
This is amazing.
I've always found it works best not to use non-existent settings..
Episode 13: US Tech Market Dominance
@tib3rius.bsky.social & @swiftsecur.bsky.social chat about why the US tech and cybersecurity markets are so dominant in the world. Prepare for some hot takes. ๐ฅ๐ฅต
Links below!
cybersecuritynews.com/linux-privil...
Few big ones for Linux...one is all Suse but the other is a lil more interesting LPE.
uh huh ๐
